Orchestration v2 Attributes for SecurityProtocol

The following sample JSON shows the key attributes of the SecurityProtocol object type. A description of each of the required and optional attributes of this object type is provided in the table that follows the JSON sample.

          {
                    "description": "Sec Protocol 1",
                    "dstPortSet": ["20", "155-1100"],
                    "ipProtocol": "tcp",
                    "name": "/Compute-acme/joe/secprotocol_1",
                    "srcPortSet": ["10", "55-100"]
          }
            
Parameter Required or Optional Description

name

required

The three-part name of the object (/Compute-identity_domain/user/object).

Object names can contain only alphanumeric characters, hyphens, underscores, and periods. Object names are case-sensitive.

When you specify the object name, ensure that an object of the same type and with the same name doesn’t already exist. If such an object already exists, another object of the same type and with the same name won’t be created and the existing object won’t be updated.

ipProtocol

optional

The protocol used in the data portion of the IP datagram.

The value that you specify can be either a text representation of a protocol or any unsigned 8-bit assigned protocol number in the range 0–254. See Assigned Internet Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).

The following text representations are allowed:

  • tcp

  • udp

  • icmp

  • igmp

  • ipip

  • rdp

  • esp

  • ah

  • gre

  • icmpv6

  • ospf

  • pim

  • sctp

  • mplsip

  • all

  • Any number from 0 to 254

If no protocol is specified, all protocols are allowed.

srcPortSet

optional

List of port numbers or port range strings to match the packet's source port.

  • For tcp, sctp, and udp, each port is a source transport port, between 0 and 65535, inclusive.

  • For icmp, each port is an ICMP type, between 0 and 255, inclusive.

If no source ports are specified, all source ports or ICMP types are allowed.

dstPortSet

optional

List of port numbers or port range strings to match the packet's destination port.

For tcp, sctp, and udp, each port is a destination transport port, between 0 and 65535, inclusive. For icmp, each port is an ICMP code, between 0 and 255, inclusive.

If no destination ports are specified, all destination ports or ICMP codes are allowed.

description

optional

Description of the security protocol.

tags

optional

Strings that you can use to tag the security protocol.